Differential D8062 Diff 27508 shared/protos/identity_client.proto

Changeset View

Standalone View

shared/protos/identity_client.proto

	syntax = "proto3";			syntax = "proto3";

	package identity.client;			package identity.client;

	// RPCs from a client (iOS, Android, or web) to identity service			// RPCs from a client (iOS, Android, or web) to identity service
	service IdentityClientService {			service IdentityClientService {

	// Account actions			// Account actions

	// Called by user to register with the Identity Service (PAKE only)			// Called by user to register with the Identity Service (PAKE only)
	// Due to limitations of grpc-web, the Opaque challenge+response			// Due to limitations of grpc-web, the Opaque challenge+response
	// needs to be split up over two unary requests			// needs to be split up over two unary requests
	// Start/Finish is used here to align with opaque protocol			// Start/Finish is used here to align with opaque protocol
	rpc RegisterPasswordUserStart(RegistrationStartRequest) returns (			rpc RegisterPasswordUserStart(RegistrationStartRequest) returns (
	RegistrationStartResponse) {}			RegistrationStartResponse) {}
				rpc RegisterReservedPasswordUserStart(ReservedRegistrationStartRequest)
				returns (RegistrationStartResponse) {}
	rpc RegisterPasswordUserFinish(RegistrationFinishRequest) returns (			rpc RegisterPasswordUserFinish(RegistrationFinishRequest) returns (
	RegistrationFinishResponse) {}			RegistrationFinishResponse) {}
	// Called by user to update password and receive new access token			// Called by user to update password and receive new access token
	rpc UpdateUserPasswordStart(UpdateUserPasswordStartRequest) returns			rpc UpdateUserPasswordStart(UpdateUserPasswordStartRequest) returns
	(UpdateUserPasswordStartResponse) {}			(UpdateUserPasswordStartResponse) {}
	rpc UpdateUserPasswordFinish(UpdateUserPasswordFinishRequest) returns			rpc UpdateUserPasswordFinish(UpdateUserPasswordFinishRequest) returns
	(Empty) {}			(Empty) {}
	// Called by user to register device and get an access token			// Called by user to register device and get an access token
	▲ Show 20 Lines • Show All 86 Lines • ▼ Show 20 Lines
	message RegistrationStartRequest {			message RegistrationStartRequest {
	// Message sent to initiate PAKE registration (step 1)			// Message sent to initiate PAKE registration (step 1)
	bytes opaqueRegistrationRequest = 1;			bytes opaqueRegistrationRequest = 1;
	string username = 2;			string username = 2;
	// Information needed to open a new channel to current user's device			// Information needed to open a new channel to current user's device
	DeviceKeyUpload deviceKeyUpload = 3;			DeviceKeyUpload deviceKeyUpload = 3;
	}			}

				message ReservedRegistrationStartRequest {
				// Message sent to initiate PAKE registration (step 1)
				bytes opaqueRegistrationRequest = 1;
				string username = 2;
				// Information needed to open a new channel to current user's device
				DeviceKeyUpload deviceKeyUpload = 3;
				// Message from Ashoat's keyserver attesting that a given user has ownership
				// of a given username
				string keyserverMessage = 4;
				// Above message signed with Ashoat's keyserver's signing ed25519 key
				string keyserverSignature = 5;
				}

	// Messages sent from a client to Identity Service			// Messages sent from a client to Identity Service
	message RegistrationFinishRequest {			message RegistrationFinishRequest {
	// Identifier to correlate RegisterStart session			// Identifier to correlate RegisterStart session
	string sessionID = 1;			string sessionID = 1;
	// Final message in PAKE registration			// Final message in PAKE registration
	bytes opaqueRegistrationUpload = 2;			bytes opaqueRegistrationUpload = 2;
	}			}

	▲ Show 20 Lines • Show All 190 Lines • Show Last 20 Lines